Upgrade to Pro — share decks privately, control downloads, hide ads and more …

Kubernetes v1.19 変更点調査のまとめ / k8s-v119-updates

uesyn
September 30, 2020
Technology
1
180

Kubernetes v1.19 変更点調査のまとめ / k8s-v119-updates

uesyn

September 30, 2020
Tweet

More Decks by uesyn

See All by uesyn
PodSecurityPolicyの安全な移行の道のり / On the safe migration of PodSecurityPolicy
uesyn
1
460
PodSecurityPolicyの廃止に備えて、 一足先にPodSecurity Admissionを試してみよう! / from-psp-to-podsecurity
uesyn
4
1.2k
そのクラスタ本当にアップグレードして大丈夫? Storage Version の更新も忘れずにしよう! / k8s-storage-version-migration
uesyn
2
2.8k
次世代のログ基盤 Grafana Lokiを始めよう! / prometheus-meetup-tokyo-3-lets-start-the-loki
uesyn
7
11k
kindでも"type LoadBalancer"を使いたい! / kubernetes-meetup-tokyo-24-kind-with-type-loadbalancer
uesyn
0
930
Loki入門
uesyn
8
1.7k
Cortexの話をKubeConで聞きたかったっていう話
uesyn
4
1.6k
kubernetesでGPUを 管理するために スケジューラをいじってみた
uesyn
1
1.6k

Other Decks in Technology

See All in Technology
Five Things you might not know or may have forgotten about the Oracle Database
sqlmaria
0
1.1k
デュアルトラックアジャイルとの向き合い方
onk
PRO
3
4.5k
DevRel/Japan CONFERENCE 2023
1ftseabass
PRO
0
400
ワイヤレス電力伝送について
sbtechnight
PRO
0
360
Spring Boot 3.0へのアップデートのハマり所 / Findings in Migrating our Application to Spring Boot 3.0
line_developers
PRO
3
290
モノレポによるマイクロサービスアーキテクチャの開発運用
bananaumai
2
450
軟體品質不只測試: LINE QA團隊分享
line_developers_tw
PRO
0
4.5k
知識拡張型言語モデルLUKE
ikuyamada
1
240
ChatGPTにR言語を教えてもらう(仮)
doradora09
1
120
SNS投稿を使ってクラウド障害を検知してみた
sbtechnight
PRO
0
340
ロケーターを学んでテスト自動化上級者を目指そう
nozomiito
0
570
チームにスクラムを導入してみた
sbtechnight
PRO
0
300

Featured

See All Featured
The MySQL Ecosystem @ GitHub 2015
samlambert
240
11k
Learning to Love Humans: Emotional Interface Design
aarron
263
38k
Three Pipe Problems
jasonvnalue
89
9k
What the flash - Photography Introduction
edds
64
10k
Principles of Awesome APIs and How to Build Them.
keavy
117
16k
Fontdeck: Realign not Redesign
paulrobertlloyd
74
4.4k
The Invisible Side of Design
smashingmag
292
49k
How to train your dragon (web standard)
notwaldorf
66
4.3k
Cheating the UX When There Is Nothing More to Optimize - PixelPioneers
stephaniewalter
270
12k
Pencils Down: Stop Designing & Start Developing
hursman
114
10k
Docker and Python
trallard
30
2k
Imperfection Machines: The Place of Print at Facebook
scottboms
254
12k

Transcript

  1. Kubernetes Meetup Tokyo #34 (2020/9/30)
    Shunya Murata @shmurata_
    Shinya Uemura @uesyn
    Kubernetes v1.19 มߋ఺ௐࠪͷ·ͱΊ

    View Slide

  2. Shinya Uemura / @suemura
    ▶ θοτϥϘגࣜձࣾ ιϑτ΢ΣΞΤϯδχΞ
    ▶ 2019೥θοτϥϘגࣜձࣾʹೖࣾ
    ▶ Prometheus Meetup Tokyo, Cloud Native Meetup TokyoͷӡӦ΍ͬͯ·͢

    View Slide

  3. θοτϥϘגࣜձࣾ / Z Lab Corporation
    ▶ 2015೥ʹઃཱ͞ΕͨϠϑʔגࣜձࣾͷ100%ࢠձࣾ
    ▶ Πϯϑϥج൫ٕज़ͷௐࠪɾݚڀ։ൃ
    ▶ Ϡϑʔגࣜձࣾ޲͚ͷϚωʔδυ Kubernetes αʔϏεͷ։ൃ
    ▶ https://zlab.co.jp/

    View Slide

  4. ΞδΣϯμ
    ▶ มߋ఺ௐࠪͷऔΓ૊Έʹ͍ͭͯ
    ▶ @uesynͷؾʹͳͬͨมߋ఺ͷ঺հ
    ▶ @shmurata_ ͷؾʹͳͬͨมߋ఺ͷ঺հ

    View Slide

  5. มߋ఺ௐࠪʹ͍ͭͯ

    View Slide

  6. มߋ఺ௐࠪͱ͸ʁͳ࣮ͥࢪ͢Δͷ͔ʁ
    ▶ มߋ఺ௐࠪͱ͸ʁ
    + Z LabͰ͸KubernetesͷCHANGELOGΛௐࠪɾ೔ຊޠ༁ͷهࣄΛ࡞੒͍ͯ͠·͢
    + ϚΠφʔόʔδϣϯͷϦϦʔεຖʹ࣮ࢪ
    + v1.19͸Z Labͱ@superbrothers͞ΜͰ࣮ࢪ
    + SIG (Special Interest Group) ຖʹ୲౰Λ෼୲͠ɺSIGʹؔ࿈ͨ͠಺༰Λ·ͱΊΔ
    ▶ ͳ࣮ͥࢪ͢Δͷ͔ʁ
    + ίϛϡχςΟ΁ͷߩݙͷͨΊ
    + CaaSΛར༻͍ͯ͠ΔϢʔβ΁Өڹ΍ศརͳػೳͷ঺հ
    + Kubernetesͷมߋ఺͔Βɺఏڙ͍ͯ͠ΔCaaS΁ͷӨڹΛ೺Ѳ͢ΔͨΊ
    + ެ։͍ͯ͠Δͷ͸ϚΠφʔόʔδϣϯ͚ͩͰ͕͢ɺύονόʔδϣϯͷมߋ΋֬ೝ

    View Slide

  7. มߋ఺ௐࠪͱ͸ʁͳ࣮ͥࢪ͢Δͷ͔ʁ
    ▶ มߋ఺ௐࠪͱ͸ʁ
    + Z LabͰ͸KubernetesͷCHANGELOGΛௐࠪɾ೔ຊޠ༁ͷهࣄΛ࡞੒͍ͯ͠·͢
    + ϚΠφʔόʔδϣϯͷϦϦʔεຖʹ࣮ࢪ
    + v1.19͸Z Labͱ@superbrothers͞ΜͰ࣮ࢪ
    + SIG (Special Interest Group) ຖʹ୲౰Λ෼୲͠ɺSIGʹؔ࿈ͨ͠಺༰Λ·ͱΊΔ
    ▶ ͳ࣮ͥࢪ͢Δͷ͔ʁ
    + ίϛϡχςΟ΁ͷߩݙͷͨΊ
    + CaaSΛར༻͍ͯ͠ΔϢʔβ΁Өڹ΍ศརͳػೳͷ঺հ
    + Kubernetesͷมߋ఺͔Βɺఏڙ͍ͯ͠ΔCaaS΁ͷӨڹΛ೺Ѳ͢ΔͨΊ
    + ެ։͍ͯ͠Δͷ͸ϚΠφʔόʔδϣϯ͚ͩͰ͕͢ɺύονόʔδϣϯͷมߋ΋֬ೝ

    View Slide

  8. @uesyn ͷؾʹͳͬͨมߋ఺

    View Slide

  9. ͔͜͜Βࢲ͕࿩͢಺༰
    1. Expanded CLI support for debugging workloads and nodes

    2. Deprecation warnings

    3. Avoiding permanent beta

    4. Increase the Kubernetes support window to one year

    5. Structure Logging

    6. EndpointSlices are now enabled by default

    View Slide

  10. Expanded CLI support for debugging
    workloads and nodes

    View Slide

  11. Expanded CLI support for debugging workloads and nodes
    ▶ ”kubectl alpha debug” ΁৽ͨʹ2ͭͷػೳ͕௥Ճ
    1. NodeͷͨΊͷdebugػೳ
    + Nodeͷσόοά༻ίϯςφΛ࡞੒
    + /host ΁Nodeͷ / ΛϚ΢ϯτ͠ɺNodeͷPID,IPC΍NWωʔϜεϖʔεͰىಈ
    2. PodͷͨΊͷdebugػೳ
    + debugର৅ͷPodΛίϐʔ͠debug༻PodΛ࡞੒
    + debug༻ίϯςφΛૠೖͨ͠ΓɺίϯςφΠϝʔδ΍Ҿ਺ͳͲΛมߋͨ͠΋ͷΛ࡞੒
    ▶ ͲͪΒ΋FeatureGatesͷEphemeralContainersΛ༗ޮʹ͢Δඞཁͳ͠
    + alphaػೳ͕༗ޮʹͰ͖ͳ͍؀ڥͰ΋ར༻Մೳ

    View Slide

  12. ௥Ճ͞ΕͨNodeͷͨΊͷdebugػೳ(1/2)

    View Slide

  13. ௥Ճ͞ΕͨNodeͷͨΊͷdebugػೳ(2/2)
    /hostʹNodeͷ/͕Ϛ΢ϯτ͞Ε͍ͯΔ
    NodeͷPID,IPC΍NWωʔϜεϖʔεͰ࣮ߦ
    debug༻ͷPod໊

    View Slide

  14. ௥Ճ͞ΕͨPodͷͨΊͷdebugػೳ(1/2)
    ͜ͷ໊લͰdebug༻Pod͕࡞੒͞ΕΔ
    share-processͰ΋debug༻ίϯςφΛىಈՄೳ

    View Slide

  15. ௥Ճ͞ΕͨPodͷͨΊͷdebugػೳ(2/2)
    share-processͰ΋debug༻ίϯςφΛىಈՄೳ
    ▶ ͬ͟ͱ֬ೝͨ͠ײ͡ؾΛ෇͚ͨํ͕ྑͦ͞͏ͳࣄ
    + label͸ίϐʔ͞Εͳ͍
    + Service഑ԼͷPodΛdebug͢Δͱ͖ɺಉ͡τϥϑΟοΫ͸ྲྀΕͯ͜ͳ͍
    + Volume, VolumeMounts΋ίϐʔ͞ΕΔ
    + hostPort΋ίϐʔ͞ΕΔ ౳ʑ…
    ▶ ىಈॱংͷ੍໿΍εέʔϧͰ͖ͳ͍ΞϓϦέʔγϣϯ΋஫ҙ͢Δඞཁ

    View Slide

  16. ௥Ճ͞Εͨdebugػೳʹ͍ͭͯ
    ▶ ௥Ճ͞Εͨೋͭͷػೳ͸ڞʹɺศརPodΛ࡞ΔͨΊͷίϚϯυ
    ▶ ৄ͍࣮͠૷͸ҎԼΛࢀর
    + https://github.com/kubernetes/kubectl/blob/v0.19.2/pkg/cmd/debug/debug.go#L478-L522
    + https://github.com/kubernetes/kubectl/blob/v0.19.2/pkg/cmd/debug/debug.go#L413-L476

    View Slide

  17. Deprecation warnings

    View Slide

  18. Deprecation warnings
    ▶ APIར༻࣌ʹWarningΛฦ͢ػೳ͕௥Ճ
    + ഇࢭ༧ఆͷAPIΛୟ͍ͨ࣌
    + Admission WebhooksͷϨεϙϯεͰࢦఆ (ϢʔβఆٛՄೳ)
    + CRDͷϑΟʔϧυͰࢦఆ (ϢʔβఆٛՄೳ)

    View Slide

  19. ValidatingWebhookΛ༻͍ͨWarningͷσϞ
    ▶ ԿͷK8sϦιʔεͷValidation΋ͤͣɺWarning͚ͩฦ͢ValidatingWebhookͷσϞΛ͠·͢
    + https://github.com/uesyn/sample-warning-admission-webhook
    + ↑ޙ΄Ͳͪ͜ΒͰެ։͓͖ͯ͠·͢
    + ϦιʔεͷValidation͸͠·ͤΜ͕ɺۈ຿࣌ؒͷValidation͸ͯ͘͠Ε·͢
    + ۈ຿࣌ؒ֎ʹಇ͘͜ͱΛېࢭ͠·ͤΜ͕ɺWarningͱͯ͠ग़ྗ
    ▶ Admission WebhookͷWarningʹ͍ͭͯ͸ҎԼΛࢀর͍ͩ͘͞
    + https://kubernetes.io/docs/reference/access-authn-authz/extensible-admission-controllers/#admissionreview-response-warning

    View Slide

  20. Avoiding permanent beta

    View Slide

  21. Avoiding permanent beta
    ▶ ͣͬͱvXbetaYͰ͢ʂͱͳΒͳ͍ͨΊͷϙϦγʔΛద༻
    + Ingress͸2015೥ʹ͸betaʹͳ͍ͬͯͨΑ͏Ͱ͢
    ▶ ৽͍͠API͕betaʹͳΔͱɺͦͷAPI͸9ϲ݄Ҏ಺ͰҎԼͷΞΫγϣϯ͕ඞཁ
    + GAΛग़͠ɺbetaͷ΋ͷΛඇਪ঑ͱ͢Δ
    + ৽͍͠betaΛग़͠ɺݹ͍΋ͷΛඇਪ঑ͱ͢Δ
    ▶ 9ϲ݄ܦաͯ͠͠·ͬͨ৔߹
    + ࣍ͷϦϦʔεͰͦͷAPIͷόʔδϣϯ͸ඇਪ঑ͱͳΔ
    + ಉ͡betaόʔδϣϯͰଓߦͱ͍͏બ୒ࢶ͸ͳ͍
    ▶ ৄࡉ͸ҎԼ
    + https://kubernetes.io/blog/2020/08/21/moving-forward-from-beta/

    View Slide

  22. Increase the Kubernetes support
    window to one year

    View Slide

  23. Increase the Kubernetes support window to one year
    ▶ Kubernetes v1.19͔Βɺόάमਖ਼ͷαϙʔτ͕9ϲ݄͔Β1೥΁
    ▶ ͜Ε͔Β΋ؤுͬͯΫϥελͷΞοϓάϨʔυ͍͖ͯ͠·͠ΐ͏ʂ

    View Slide

  24. Structure Logging

    View Slide

  25. Structure Logging
    ▶ ߏ଄ԽϩΪϯά͕ಋೖ͞Εͨ
    + ରԠ͍ͯ͠ΔkubernetesͷίϯϙʔωϯτͰ͋Ε͹—logging-formatΦϓγϣϯͰࢦఆՄೳ
    + json ·ͨ͸ text Λࢦఆ
    ▶ k8s.io/klog ͕v2ͱͳΓInfoS΍ErrorSͳͲͷߏ଄Խ͞ΕͨϩάΛग़ྗ͢Δؔ਺͕௥Ճ
    + jsonͰग़ྗ͢Δ࣮૷͸klogʹ͸ͳ͍
    + SetLogger ؔ਺Ͱgithub.com/go-logr/logr Λ࣮૷ͨ͠΋ͷΛηοτ͢Δ
    + K8sίϯϙʔωϯτ͕ར༻͍ͯ͠Δ্ه࣮૷͸ k8s.io/component-base ʹଘࡏ

    View Slide

  26. EndpointSlices are now enabled
    by default

    View Slide

  27. EndpointSlices are now enabled by default
    ▶ Endpointsͷ୅ΘΓʹEndpointSlice͕kube-proxyͰσϑΥϧτͰར༻͞ΕΔΑ͏ʹ
    ▶ EndpointSliceϦιʔεࣗମ͸v1.18͔Β࡞੒͞ΕΔ
    ▶ EndpointsϦιʔεΛ୯ମͰ࡞੒͢ΔͱɺରԠ͢ΔEndpointSliceϦιʔε͕࡞੒͞ΕΔ
    + EndpointSliceMirrorling controllerʹΑΓੜ੒͞ΕΔ
    + labelͰendpointslice.kubernetes.io/skip-mirror: “true" ͱ͢Δ͜ͱͰϛϥʔϦϯά͞Εͳ͘ͳΔ
    + ࡞੒͞ΕΔEndpointSlice͸OwnerReference͕ͦͷEndpointsͱͳΔΑ͏Ͱ͢

    View Slide